You are here

Home » API reference » Domain Access 5 » domain.module

function domain_node_grants in Domain Access 5

Same name and namespace in other branches
  1. 6.2 domain.module \domain_node_grants()
  2. 7.3 domain.module \domain_node_grants()
  3. 7.2 domain.module \domain_node_grants()

Implement hook_node_grants.

Informs the node access system what permissions the user has. By design all users are in the realm defined by the currently active domain_id.

File

./domain.module, line 750
Core module functions for the Domain Access suite.

Code

function domain_node_grants($account, $op) {
  global $_domain;

  // Do we need to use complex rules?
  $rules = variable_get('domain_access_rules', FALSE);

  // By design, all users can see content sent to all affiliates,
  // but the $_domain['site_grant'] can be set to FALSE.
  if ($op == 'view') {
    if ($_domain['site_grant']) {
      $grants['domain_site'][] = 0;
      if ($rules) {
        $grants['domain_site']['group'] = 'domain';
      }
    }

    // Grant based on active subdomain.
    $grants['domain_id'][] = $_domain['domain_id'];
    if ($rules) {
      $grants['domain_id']['group'] = 'domain';
    }

    // In special cases, we grant the ability to view all nodes.  That is,
    // we simply get out of the way of other node_access rules.
    // We do this with the universal 'domain_all' grant.
    if ($op == 'view' && domain_grant_all()) {

      // If no other node access modules are present, return our grant.
      // Otherwise, we just step out of the way.
      if ($rules) {
        return array();
      }
      else {
        return array(
          'domain_all' => array(
            0,
          ),
        );
      }
    }
  }
  else {

    // Special permissions for editors
    $editors = variable_get('domain_editors', DOMAIN_EDITOR_RULE);
    if ($editors && user_access('edit domain nodes', $account)) {
      if (!empty($account->domain_user)) {
        foreach ($account->domain_user as $id) {
          if (abs($id) > 0) {
            if ($id > 0) {
              $grants['domain_editor'][] = $id;
            }
            else {
              $grants['domain_editor'][] = 0;
            }

            // Advanced rules let us access check unpublished nodes for editing.
            if ($rules) {
              $grants['domain_editor']['check'] = TRUE;
            }
          }
        }
      }
    }
  }

  // Let Domain Access module extensions act to override the defaults.
  static $_modules;
  if (!isset($_modules)) {
    $_modules = module_implements('domaingrants');
  }
  if (!empty($_modules)) {
    foreach ($_modules as $module) {

      // Cannot use module_invoke_all() since these are passed by reference.
      $function = $module . '_domaingrants';
      $function($grants, $account, $op);
    }
  }
  return $grants;
}